gafgyt | 561cef46a4aa913b7bca5dbff8cdfa2ac7075ee815ea81317ab82aa65fcdbbc2 | Triage

Sharing

General

Target

561cef46a4aa913b7bca5dbff8cdfa2ac7075ee815ea81317ab82aa65fcdbbc2
Size

102KB
Sample

221125-l9gzysdd5x
MD5

2b6cadff6c793a5f59a698e269c5c216
SHA1

6f3fb403328caecb07b1df277a60da3c52a79dc6
SHA256

561cef46a4aa913b7bca5dbff8cdfa2ac7075ee815ea81317ab82aa65fcdbbc2
SHA512

adfccb1d269952369da551f5e990d2bcdd1856ab1ddf38fa003e27f3d95cb870ff31c38276ea9374663160afbdeecf7b982f58684f886882f4f23f434695da9c
SSDEEP

3072:4GOBZW1UoDf219qrL6frwiiHavU68wmqoVcqq6GnrOT:4GS4zeY/riiHavU68wmqoVcqq6GnrOT

Score

10^/10

gafgyt discovery linux

Malware Config

Targets

- Target
  
  561cef46a4aa913b7bca5dbff8cdfa2ac7075ee815ea81317ab82aa65fcdbbc2
- Size
  
  102KB
- MD5
  
  2b6cadff6c793a5f59a698e269c5c216
- SHA1
  
  6f3fb403328caecb07b1df277a60da3c52a79dc6
- SHA256
  
  561cef46a4aa913b7bca5dbff8cdfa2ac7075ee815ea81317ab82aa65fcdbbc2
- SHA512
  
  adfccb1d269952369da551f5e990d2bcdd1856ab1ddf38fa003e27f3d95cb870ff31c38276ea9374663160afbdeecf7b982f58684f886882f4f23f434695da9c
- SSDEEP
  
  3072:4GOBZW1UoDf219qrL6frwiiHavU68wmqoVcqq6GnrOT:4GS4zeY/riiHavU68wmqoVcqq6GnrOT
Score

9^/10

discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1